AppIconsKit

Data Protection

Last updated: March 1, 2025

IconVaultKit is committed to protecting your personal data and complying with applicable data protection laws including the General Data Protection Regulation (GDPR) and similar regulations. This page explains our data protection practices and your rights as a data subject.

Data Controller

IconVaultKit acts as the data controller for personal data collected through this website. As data controller, we determine the purposes and means of processing your personal data. For questions about our data processing activities, you can contact us at privacy@iconvaultkit.com.

Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Consent: When you submit an advertiser application, you consent to us processing the information you provide to handle your inquiry.
  • Legitimate Interests: We process technical usage data to improve our service and ensure its security and performance.
  • Contract Performance: When you enter into an advertising agreement with us, we process data necessary to fulfill that contract.
  • Legal Compliance: In certain cases, we may need to process data to comply with legal obligations.

Data We Collect and Why

Advertiser Application Data

Data collected: Name, tagline, website URL, email address, logo URL, notes. Purpose: To process your advertising inquiry and communicate with you. Retention: Until your inquiry is resolved or for the duration of any advertising agreement, plus 2 years thereafter for record-keeping.

Analytics Data

Data collected: Anonymized usage data via Google Analytics including page views, session duration, and general location data. Purpose: To understand how our service is used and make improvements. Retention: 26 months as per Google Analytics default settings.

Browser-Stored Data

Data stored: Your favorite icons, recently used icons, and color presets via localStorage. Purpose: To provide a better user experience across sessions. Retention: Until you clear your browser storage. This data is never transmitted to our servers.

Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected or as required by law. Advertiser application data is retained for the duration of any active advertising relationship and for a period of two years after the relationship ends. Analytics data is retained in accordance with our analytics provider settings. Once data is no longer needed, it is securely deleted or anonymized.

International Data Transfers

IconVaultKit uses cloud-based services that may process your data in countries outside your own. When we transfer data outside the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission. Our service providers including Supabase and Google operate with appropriate data protection frameworks in place.

Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights regarding your personal data:

  • Right of Access:You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification:You have the right to request that we correct any inaccurate personal data we hold about you.
  • Right to Erasure:You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restriction:You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability:You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object:You have the right to object to our processing of your personal data where we rely on legitimate interests as the legal basis.
  • Right to Withdraw Consent:Where processing is based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@iconvaultkit.com. We will respond to your request within 30 days.

Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit using TLS, access controls to limit who can access stored data, regular security reviews of our systems and practices, and using reputable cloud providers with strong security certifications. Despite these measures, no internet transmission is completely secure, and we cannot guarantee the absolute security of data transmitted to our site.

Complaints

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with your local data protection supervisory authority. In the UK, this is the Information Commissioner's Office (ICO). In the EU, this is the data protection authority in your country of residence. We would, however, appreciate the opportunity to address your concerns before you approach the supervisory authority, so please contact us first at privacy@iconvaultkit.com.

Contact Our Data Protection Team

For any data protection questions, requests, or concerns, please contact us at privacy@iconvaultkit.com. We are committed to working with you to resolve any concerns about our data practices.